GDPR Small Business insights, tips and responsibility for 2018

GDPR Small Business

By ellenjharris | Blog

Apr 24

Zero Immunity In GDPR

GDPR Small Business Compliance is here. 

General Data Protection Regulation

Effective May 25, 2018

GDPR Small Business compliance stems from a law with global impact, affecting the planet (not hype). Businesses around the world are vulnerable under this global law. Violating GDPR will cost you between 10 and 20 million euros in fines.

Converted U.S. Dollar equivalents from Euros are $12,242,000.00 and $24,484,000.00 respectively with the Euro at $0.8173 per $1.2242.

Do not think GDPR does not apply to you. As a small business owner, you are responsible. All businesses will have to have a Privacy Impact Assessment in place. In addition, compliance with specific articles, such as Article 9, is mandatory. These changes come with a hefty price tag. A Data Privacy Officer is not an inexpensive add-to-staff or consultant. You want to become the responsible DPO.

First of all, compliance is not so much about external threats as about internal threats. Small business owners will need to retrain every internal worker on how to handle data. This is important for GDPR Small Business.

Internal Threats defined by CMSwire:

  • Trust, but verify. Train your end users to identify and classify the sensitive data they handle and/or create. Ensure they are doing so. Use a combined or layered approach to data classification to ensure employees understand the policies, training and tools you provide and are integrating them into their day-to-day tasks.

    You want retraining for yourself in how you manage consumer data. You will want anyone working with you to experience the same training. Data is the challenge here. Anyone has the right to ask you how you used their data. How do you store data? How often do you retain data? What is your deletion policy? Is your Right To Be Forgotten policy in effect? Does your business retain my credit card data? Read the complete regulation details.

  • Understand your organization’s data. Determine what the data is, how it’s being created or collected, how it is maintained, stored and shared, and finally, how it should be disposed of. That will help you develop and implement practices that will best protect this valuable asset. Among other things, small businesses should implement practical and operational policies that delineate between work-related data and personal data.

    You want a firewall between business work data and personal data. Your existing policies will not serve you after May 25, 2018. Update them with compliance language now. It is especially important not to leave compliance to someone else. You alone are responsible for proper usage and compliance with your data. Most of all, you want to start now. May 25, 2018 is approaching fast.

There is much more information available for your review. For now, start to gain as much detail as you can about GDPR Small Business. In this video the presenter shares ten useful tips to help you get started.

This is only the beginning of what you need to become compliant. Read further here.


About the Author

Ellen J Harris leads the Business-Accelerated Company. The firm is a C corporation specializing in Intellectual Property, Intellectual Capital and Intellectual Revenue Assets. Harris is a frequent guest on Blog Talk Radio, contributes to the NYU School of Entrepreneurship as a Business Consultant Coach in the $300K Entrepreneur Challenge and serves on the Advisory Board at the Lubin School of Business at Pace University. In her current portfolio, Harris leads three local U.S. Startups and one international startup launching in the second half of 2018. She serves small businesses in a variety of industries. Harris helps business owners maintain their compliance with federal requirements and most recently compliance with the European Union's General Data Protection Regulation.
